Files
d1041231029-sig-b/api/get_verification_logs.php
2026-06-02 12:40:37 +07:00

109 lines
3.5 KiB
PHP

<?php
error_reporting(E_ALL);
ini_set('display_errors', 0);
header('Content-Type: application/json');
require_once 'config.php';
if ($_SERVER['REQUEST_METHOD'] === 'GET') {
try {
$db = getDB();
$sql = '
SELECT
vl.*,
h.household_code,
h.head_name,
h.verification_status AS current_household_status
FROM verification_logs vl
JOIN households h ON h.id = vl.household_id
WHERE 1 = 1
';
$params = [];
if (isset($_GET['household_id']) && $_GET['household_id'] !== '') {
if (!is_numeric($_GET['household_id'])) {
http_response_code(400);
echo json_encode(['error' => 'household_id must be numeric']);
exit;
}
$sql .= ' AND vl.household_id = ?';
$params[] = (int)$_GET['household_id'];
}
if (isset($_GET['verification_status']) && $_GET['verification_status'] !== '') {
$error = null;
$status = normalizeVerificationStatus($_GET['verification_status'], $error, false);
if ($status === null) {
http_response_code(400);
echo json_encode(['error' => $error]);
exit;
}
$sql .= ' AND vl.verification_status = ?';
$params[] = $status;
}
if (isset($_GET['verifier_role']) && trim((string)$_GET['verifier_role']) !== '') {
$sql .= ' AND vl.verifier_role = ?';
$params[] = trim((string)$_GET['verifier_role']);
}
if (isset($_GET['date_from']) && $_GET['date_from'] !== '') {
$dateFrom = trim((string)$_GET['date_from']);
$dateObj = DateTime::createFromFormat('Y-m-d', $dateFrom);
if (!$dateObj || $dateObj->format('Y-m-d') !== $dateFrom) {
http_response_code(400);
echo json_encode(['error' => 'date_from must be in YYYY-MM-DD format']);
exit;
}
$sql .= ' AND DATE(vl.verified_at) >= ?';
$params[] = $dateFrom;
}
if (isset($_GET['date_to']) && $_GET['date_to'] !== '') {
$dateTo = trim((string)$_GET['date_to']);
$dateObj = DateTime::createFromFormat('Y-m-d', $dateTo);
if (!$dateObj || $dateObj->format('Y-m-d') !== $dateTo) {
http_response_code(400);
echo json_encode(['error' => 'date_to must be in YYYY-MM-DD format']);
exit;
}
$sql .= ' AND DATE(vl.verified_at) <= ?';
$params[] = $dateTo;
}
$limit = 200;
if (isset($_GET['limit']) && $_GET['limit'] !== '') {
if (!is_numeric($_GET['limit'])) {
http_response_code(400);
echo json_encode(['error' => 'limit must be numeric']);
exit;
}
$limit = max(1, min((int)$_GET['limit'], 1000));
}
$sql .= ' ORDER BY vl.verified_at DESC, vl.created_at DESC LIMIT ' . $limit;
$stmt = $db->prepare($sql);
$stmt->execute($params);
$logs = $stmt->fetchAll(PDO::FETCH_ASSOC);
echo json_encode([
'success' => true,
'count' => count($logs),
'verification_logs' => $logs
]);
} catch (Exception $e) {
http_response_code(500);
echo json_encode(['error' => $e->getMessage()]);
}
} else {
http_response_code(405);
echo json_encode(['error' => 'Method not allowed']);
}
?>